Attacks have been ongoing for over a decade now, although they’ve changed significantly during that time. Back in the day, criminals had to gain physical access to the ATM itself, gluing card skimmers onto the outside, and overlaying fake keypads to harvest PINs. In some cases, they introduced malware via USBs or CDs and/or attached external keyboards to send commands to dispense cash. These so-called “jackpotting” attacks were for many years confined to Asia and Europe, although they’ve recently started appearing in the US.